Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa
File: fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa (raw, json)
Hash identifier: y0SOpAfyR/OQ4jv75O8o2Plq0Q7/7vBFgiRODumT1RA=
Subject key identifier: 06:A9:17:A9:85:C9:A6:30:C6:CC:C9:B2:A9:32:3F:D5:AC:C7:A6:A7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0E3766CA536458826B1E2B4EBEAFB93951B41863
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa
Signing time: Tue 19 May 2026 05:40:06 +0000
ROA not before: Tue 19 May 2026 05:40:06 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 57.95.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 01 Jun 2026 04:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:37:66:ca:53:64:58:82:6b:1e:2b:4e:be:af:b9:39:51:b4:18:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 05:40:06 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=65c8f19bb6cb540e4a2c2c013cb53884bff496c6a123e26d8778901fc43f442f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:3b:60:bc:d1:41:90:a6:13:d4:41:e2:67:90:
47:0b:b2:c0:6d:71:04:d1:37:ec:61:1d:80:0d:95:
c7:7e:e1:64:6d:29:a9:a8:dc:6f:56:1c:26:8d:32:
9a:b0:51:b1:bd:d6:16:fc:ed:19:30:f0:74:d2:27:
47:2a:f8:61:3a:a5:2d:9f:f1:c2:a9:a9:a2:58:73:
84:25:8f:a0:72:36:ef:09:e8:8c:5c:2f:8d:12:5d:
be:64:83:3a:83:f4:e9:a7:63:ce:4a:72:4d:8f:e5:
fd:99:fb:22:36:75:cd:f8:06:ff:e1:f4:31:cd:b3:
04:a9:65:a5:ae:ac:86:7b:91:e5:ce:29:a3:1c:cd:
f7:8d:86:9e:7c:9a:4d:3b:55:30:1e:f8:9d:05:0f:
aa:56:5f:67:99:85:b2:ee:1e:a8:03:72:a5:27:9a:
9a:97:3b:29:87:88:dd:b8:0e:c5:17:ff:88:04:f5:
c8:e0:97:14:1f:2e:02:d7:80:b6:cf:0a:67:0a:be:
08:40:1d:25:b9:77:ce:f2:74:3e:cd:e8:12:43:fe:
e5:86:ba:6e:ae:8f:ba:ff:7a:cd:b1:44:d4:08:8e:
e1:ca:a7:b0:92:2c:01:8b:ba:67:07:64:12:27:3f:
f7:78:38:2e:f9:ee:c1:0b:a7:95:1a:6e:f8:ad:6f:
9b:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:A9:17:A9:85:C9:A6:30:C6:CC:C9:B2:A9:32:3F:D5:AC:C7:A6:A7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.95.0.0/16
Signature Algorithm: sha256WithRSAEncryption
16:04:49:be:d8:83:4e:09:e6:18:94:9d:c3:12:1c:4c:76:84:
71:53:ad:0d:9d:93:ee:84:3a:b8:b7:dd:25:d0:84:7f:f5:3f:
a5:0b:33:af:4c:b5:44:db:7f:b2:f3:02:da:72:2f:33:28:c1:
75:3e:5b:0a:c2:2e:2d:ab:c5:42:75:d6:61:ff:52:f6:0e:42:
43:ca:ae:9f:8f:bf:7c:2c:4c:67:89:12:f7:98:b9:ce:75:ed:
2b:30:ab:b1:31:60:5d:ca:3e:14:49:fd:0c:24:0b:09:18:16:
b8:ac:62:6a:c0:0e:3a:6c:2d:36:37:16:be:5e:b9:74:95:e6:
dd:d1:fb:56:7d:b5:f0:a9:b3:c5:50:74:d2:05:22:30:1e:46:
93:14:19:11:2d:0c:0d:52:4e:63:9a:d0:96:6c:74:a1:3c:86:
ab:65:c5:bc:46:0c:6d:58:a8:92:b3:13:cc:4e:5d:81:87:5b:
04:d3:0c:0f:ae:28:d2:c0:3b:58:44:78:d6:92:0f:20:51:dc:
99:bf:68:59:4a:73:12:88:17:ac:66:ca:c5:89:83:f3:97:ca:
32:e1:f1:d6:e6:51:70:92:13:ab:e5:d0:84:98:7f:cd:d1:86:
4e:56:a1:c6:c1:dd:38:44:b5:49:a8:bb:23:7e:47:0c:ac:7b:
7a:14:65:cf
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUDjdmylNkWIJrHitOvq+5OVG0GGMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNTQwMDZaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDY1YzhmMTliYjZjYjU0MGU0YTJjMmMwMTNjYjUzODg0YmZmNDk2YzZhMTIz
ZTI2ZDg3Nzg5MDFmYzQzZjQ0MmYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL07YLzRQZCmE9RB4meQRwuywG1xBNE37GEdgA2Vx37hZG0pqajcb1YcJo0y
mrBRsb3WFvztGTDwdNInRyr4YTqlLZ/xwqmpolhzhCWPoHI27wnojFwvjRJdvmSD
OoP06adjzkpyTY/l/Zn7IjZ1zfgG/+H0Mc2zBKllpa6shnuR5c4poxzN942Gnnya
TTtVMB74nQUPqlZfZ5mFsu4eqANypSeampc7KYeI3bgOxRf/iAT1yOCXFB8uAteA
ts8KZwq+CEAdJbl3zvJ0Ps3oEkP+5Ya6bq6Puv96zbFE1AiO4cqnsJIsAYu6Zwdk
Eic/93g4LvnuwQunlRpu+K1vm08CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQGqRep
hcmmMMbMybKpMj/VrMempzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmJjMjYwZmMtODI2ZC00ZDEzLWEyMGEtM2RmMmVjOTVjZjFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlfMA0G
CSqGSIb3DQEBCwUAA4IBAQAWBEm+2INOCeYYlJ3DEhxMdoRxU60NnZPuhDq4t90l
0IR/9T+lCzOvTLVE23+y8wLaci8zKMF1PlsKwi4tq8VCddZh/1L2DkJDyq6fj798
LExniRL3mLnOde0rMKuxMWBdyj4USf0MJAsJGBa4rGJqwA46bC02Nxa+Xrl0lebd
0ftWfbXwqbPFUHTSBSIwHkaTFBkRLQwNUk5jmtCWbHShPIarZcW8RgxtWKiSsxPM
Tl2Bh1sE0wwPrijSwDtYRHjWkg8gUdyZv2hZSnMSiBesZsrFiYPzl8oy4fHW5lFw
khOr5dCEmH/N0YZOVqHGwd04RLVJqLsjfkcMrHt6FGXP
-----END CERTIFICATE-----
Generated at Sun May 31 06:09:32 2026 by rpki-client